|author||Peter Stephenson <firstname.lastname@example.org>||2014-10-06 17:16:12 +0100|
|committer||Peter Stephenson <email@example.com>||2014-10-06 17:16:12 +0100|
unposted (discussed offline): update README for integer import vulnerability
Diffstat (limited to 'README')
1 files changed, 5 insertions, 3 deletions
@@ -10,9 +10,11 @@ There are minor new features as well as bug fixes since 5.0.6.
Note in particular there is a security fix to disallow evaluation of the
initial values of integer variables imported from the environment (they
-are instead treated as literal numbers). Although no exploits are
-currently known with this issue it is recommended to upgrade as soon as
+are instead treated as literal numbers). That could allow local
+privilege escalation, under some specific and atypical conditions where
+zsh is being invoked in privilege elevation contexts when the
+environment has not been properly sanitized, such as when zsh is invoked
+by sudo on systems where "env_reset" has been disabled.
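Review bot: In the added sentence beginning "That could allow local privilege escalation", the pronoun "That" has no clear antecedent. The sentence before it describes the fix (imported integer values are now treated as literal numbers), so the new text can be read as saying the fix itself permits escalation. Name the old behaviour explicitly, for example "Evaluating those initial values could allow local privilege escalation, under some specific and atypical conditions ...". The removed lines also carried the "it is recommended to upgrade as soon as" advice, and the added lines shown here do not restate it, so confirm the upgrade recommendation still appears in the remainder of the paragraph.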